On Tue, 2006-06-27 at 16:28 -0400, Sam Drinkard wrote: > > William L. Maltby wrote: > > On Tue, 2006-06-27 at 16:08 -0400, Sam Drinkard wrote: > ><snip> > No joy. Q. I see a process called "klogd" is running a different pid > from syslogd. I don't ever recall seeing something as klogd before?? I > got a sneaking suspicion I stopped something, but if I only knew what > besides syslogd was required. Portmap does not apparently need to be > running, as nothing still has been written to the log file, and a reboot > did not help. Rats..... OK. You have entered the zone where you will *quickly* look at things and jump to conclusions, like seeing a "reasonable" date on the /etc/syslog.conf file and saying "It hasn't changed". But something could change it and "touch" the date. Or an untar or cpio extract carries the date of the original file... you see where I'm going. So this is the time to start at square one. I think it is Rodrigo's suggestion. And one that is easy is to actually look at the logfile contents and date. Here's mine for comparison, but yours could have minor variations I guess. [root at wlmlfs08 InstallUpdate]# ls -l /etc/sysl* -rw-r--r-- 1 root root 938 Oct 4 2005 /etc/syslog.conf I've attached the contents so uninterested parties don't have to be bored with the details. > <snip sig stuff> Any boot-time params changed (grub.conf) that might have unexpected effects? Any system configuration changes (chkconfig...) chkconfig --list any help? I'm out of ideas now. -- Bill -------------- next part -------------- # Log all kernel messages to the console. # Logging much else clutters up the screen. #kern.* /dev/console # Log anything (except mail) of level info or higher. # Don't log private authentication messages! *.info;mail.none;news.none;authpriv.none;cron.none /var/log/messages # The authpriv file has restricted access. authpriv.* /var/log/secure # Log all the mail messages in one place. mail.* -/var/log/maillog # Log cron stuff cron.* /var/log/cron # Everybody gets emergency messages *.emerg * # Save news errors of level crit and higher in a special file. uucp,news.crit /var/log/spooler # Save boot messages also to boot.log local7.* /var/log/boot.log # # INN # news.=crit /var/log/news/news.crit news.=err /var/log/news/news.err news.notice /var/log/news/news.notice -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://lists.centos.org/pipermail/centos/attachments/20060627/9d1333d8/attachment-0005.sig>